Signature Detail

Short Name	SMTP:EXCHANGE:CALENDAR-HEAP
Severity	Medium
Recommended	No
Category	SMTP
Keywords	Microsoft Exchange Calendar Request Heap Overflow
Release Date	2006/05/09
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Microsoft Exchange Calendar Request Heap Overflow

This signature detects attempts to exploit a known vulnerability against Microsoft Exchange Information Store service while processing Outlook calendar requests. Attackers can overwrite the heap structure, thereby causing an exception which results in a denial of service on an Exchange server. Typically, the service is not set to restart automatically if it is terminated.

Extended Description

Microsoft Exchange Server is prone to a vulnerability that may let attackers execute code remotely. This issue is exposed when the server handles emails that contain malicious calendar data that is included in meeting requests. If the issue is successfully exploited, this could completely compromise the computer hosting the mail server.

Affected Products

Microsoft Exchange Server 2000 SP1
Microsoft Exchange Server 2000 SP2
Microsoft Exchange Server 2000
Microsoft Exchange Server 2003 SP1
Microsoft Exchange Server 2003 SP2
Microsoft Exchange Server 2003

References

BugTraq: 17908
CVE: CVE-2006-0027
URL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1818

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

SMTP: Microsoft Exchange Calendar Request Heap Overflow

Extended Description

Affected Products

References